Yes. You cannot use npm update to automatically update based on the semver. I prefer using package-lock.json to lock versions.
Thanks. Will look more into it.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.